Certificate Signing Request (CSR) is a block of encrypted data generated by the server which contains information such as organization name (company name), common name (domain name), region, and country required to generate certificates. It also contains a public and private key when the CSR is generated.
Creating a CSR depends on the type of web server which uses the certificates. Please refer to the instructions provided by the vendor to complete the process. If you are familiar with OpenSSL, you can use the following commands to generate a CSR and private key. openssl req -new -keyout server.key -out server.csr
You can use CSR (Certificate Signing Request) to order for an SSL certificate, but it does not require a private key. The private key must be kept secret. Certificates created with a particular CSR will only work with the private key generated by it. Please note that if you lose your private key, your certificate will no longer work any longer. Please refer to the explanation page for more details on how to create a CSR.
There are three types of certificates - DV (domain authentication type), OV (organization authentication type), and EV (extended verification type) certificates, and the authentication process differs accordingly. Please refer to the detailed SSL certificate guide for more details.
A domain (DV) authenticated SSL certificate is issued only after the owner verified that he/she has the right to use the established domain. Firstly, the Certificate Authority (CA) sends an email to the domain owner who is listed in the WHOIS database. After receiving a confirmation from the domain owner, a DV certificate will be issued. Each CA has to perform checks to ensure that SSL certificates are true and not fraudulent as domain certificates may resemble famous certificates. (eg. yah00.com, amaz0n.com, gOogle.co, etc). The DV certificate contains only the domain name and is usually issued faster than other types of certificates because the evaluation process is not as stringent and checks are minimal. While the padlock is displayed in the browser, it will not be displayed because the company name is not verified and authenticated.
Organization Validated Certificates provide an added degree of SSL protection for your website and business through identity verification. Organization Validated certificates verify domain owners and authenticate the business organizations affiliated with the URL. OV certificates are often used by large organizations or entities which often manage and deal with sensitive and confidential information of visitors. Please check out more details by referring to the guide on SSL authentication information page.
TuringSign EV (Extended Validation) certificates have to undergo both DV and OV authentication process. Extended Validation Certificates offer the highest protection and trust available. The verification process for EV certificates is comprehensive and extensive. Additional details such as address and the name of the CEO have to be confirmed and verified for EV authentication. Please refer to the guide on SSL authentication information page for more details.
DV (Domain-Validation) certificates can only be issued after the owner has established proof that he/she has the right to use the domain. The Certificate Authority will send an email to the domain owner. After the owner replies, a DV certificate will be issued. Many Certificate Authorities perform additional fraud checks to issue domain certificates that might resemble high-value domains (eg Micros0ft.com, g00gle.com, b0fay.com, etc.). The certificate contains only the domain name. This certificate is usually issued faster than other types of certificates because checks performed are minimal. While the padlock is displayed in the browser, it will not be displayed because the company name has not been verified by the Certificate Authority.
The Certificate Authorities should use a public database to check and confirm company names, domain names, and other essential information for OV (Organizational Validation) certificates. The certificate authority may also use additional methods to ensure that the information shown in the certificate is accurate. The issued certificate includes information such as company name and domain name. With these additional checks, this is the most suitable certificate recommended for e-commerce businesses to provide consumers additional information and to reassure consumers regarding transactions.
EV (Extended-Validation) certificates are issued only if the organization passes the strict authentication and validation process conducted by Certificate Authority. These checks are much more stringent than the procedures for OV certificates. The issued EV certificate displays a green address bar in internet browser and also shows the official organization name and address to verify that the entity is legitimate.
The SSL server certificate can be installed on different types of servers, please refer to the installation guide page after purchasing TuringSign SSL certificates.
The TuringSign SSL certificate can be canceled within 30 days of issuance. We have not issued a formal test certificate, but please check the correct operation before installing the server certificate on the website and cancel it.
The maximum validity period of SSL certificate is 397 days.
TuringSign certificate has the official "WebTrust Audit" certification, hence it offers a variety of browser compatibility. Please be assured that you can use it safely and securely in different countries on different web servers.
The verification duration varies depending on the authentication process of server certificates. SSL certificates are normally issued immediately after verification is completed. DV certification takes approximately less than a day, OV certification 1 - 3 days, and EV certification 1 - 5 days. Please refer to SSL authentication information page for more information.
Presently, the maximum duration is 397 days, but we are in the midst of preparing products for multi-year plans.
EV certificates are issued only if the organization pass strict authentication procedures. These checks are conducted more stringently than OV certificates.
EV certificates has two functions.
Another way of verifying a domain is DNS (TXT record) Verification. If you selected DNS Authentication as your verification method, you will receive a unique TXT record via email consisting of two parts:
Verify by adding a TXT record in your DNS. Please verify and check if you have added the correct record
Please submit a requestfor support if you face any issues.
Depending on your DNS provider, You may have to wait for at least an hour for the changes to take effect in the DNS Servers. You will be notified via email when the domain is verified.
The third method of verifying a domain is HTTP File Upload Verification. After choosing File Authentication as your verification method, you will receive an email and be asked to download a unique verification file (Format: .txt) and upload it to a specific directory on your web server.
Verify by uploading the attached file fileauth.txt in your web server as follows:
You may have to wait for at least an hour for the changes to take effect in the validation services. You will be notified via email when the domain is verified.
Please submit a request for support if you face any issues.